Initialize a new MessageEncryptor.
secret must be at least as long as the cipher key size. For
the default 'aes-256-gcm' cipher, this is 256 bits. If you are
using a user-entered secret, you can generate a suitable key by using
ActiveSupport::KeyGenerator or a similar key derivation
function.

First additional parameter is used as the signature key for
MessageVerifier. This allows you to specify keys to encrypt
and sign data.

ActiveSupport::MessageEncryptor.new('secret', 'signature_secret')

Options:

:cipher - Cipher to use. Can be any cipher returned by
OpenSSL::Cipher.ciphers. Default is 'aes-256-gcm'.

:digest - String of digest to use
for signing. Default is SHA1. Ignored when using an AEAD
cipher like 'aes-256-gcm'.